Your submission was sent successfully! Close

CVE-2021-3631

Published: 2 March 2022

A flaw was found in libvirt while it generates SELinux MCS category pairs for VMs' dynamic labels. This flaw allows one exploited guest to access files labeled for another guest, resulting in the breaking out of sVirt confinement. The highest threat from this vulnerability is to confidentiality and integrity.

Priority

Negligible

CVSS 3 base score: 6.3

Status

Package Release Status
libvirt
Launchpad, Ubuntu, Debian
bionic
Released (4.0.0-1ubuntu8.21)
focal
Released (6.0.0-0ubuntu8.16)
groovy Ignored
(reached end-of-life)
hirsute Ignored
(reached end-of-life)
impish Not vulnerable
(7.6.0-0ubuntu1)
jammy
Released (7.6.0-0ubuntu3)
trusty Needs triage

upstream
Released (7.6.0-1)
xenial Needs triage